Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025.
The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems
Indurex was founded by Jalal Bouhdada, who previously led industrial cybersecurity company Applied Risk.
The post Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems appeared first on SecurityWeek.
Fortinet Patches Exploited FortiCloud SSO Authentication Bypass
Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts.
The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek.
High-Severity Remote Code Execution Vulnerability Patched in OpenSSL
A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm.
The post High-Severity Remote Code Execution Vulnerability Patched in OpenSSL appeared first on SecurityWeek.
Memcyco Raises $37 Million for Anti-Impersonation Technology
The startup will use the investment to fuel global expansion of its agentless platform, including in Latin America.
The post Memcyco Raises $37 Million for Anti-Impersonation Technology appeared first on SecurityWeek.
Over 100 Organizations Targeted in ShinyHunters Phishing Campaign
Domains set up by the threat actor suggest attacks aimed at Atlassian, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, and WeWork.
The post Over 100 Organizations Targeted in ShinyHunters Phishing Campaign appeared first on SecurityWeek.
‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks
The protections against NPM supply chain attacks could be bypassed, leading to arbitrary code execution.
The post ‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks appeared first on SecurityWeek.
Cyber Insights 2026: Quantum Computing and the Potential Synergy With Advanced AI
SecurityWeek’s Cyber Insights 2026 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we explore quantum computing and its threat to current encryption, where the use of AI might shorten […]
The post Cyber Insights 2026: Quantum Computing and the Potential Synergy With Advanced AI appeared first on SecurityWeek.
Chrome, Edge Extensions Caught Stealing ChatGPT Sessions
Marketed as ChatGPT enhancement and productivity tools, the extensions allow the threat actor to access the victim’s ChatGPT data.
The post Chrome, Edge Extensions Caught Stealing ChatGPT Sessions appeared first on SecurityWeek.
Organizations Warned of Exploited Linux Vulnerabilities
The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root.
The post Organizations Warned of Exploited Linux Vulnerabilities appeared first on SecurityWeek.